Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Tue, 20 May 2008 17:02:52 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kris Katterjohn wrote:
Fyodor wrote:On Fri, May 16, 2008 at 05:00:53PM -0500, Kris Katterjohn wrote:* ircServerInfo - I don't think this is default material (but I'm also not an IRC user)Well, it only runs if an IRC port is open and it then does discovery for server information. I'd suggest including it unless people think the output is too verbose or not useful enough.Running against irc.efnet.org gives me: 6666/tcp open irc syn-ack | IRC Server Info: Server: irc.blessed.net | Version: ircd-ratbox-3.0.0beta3(20080423_3-25265). irc.blessed.net | Servers/Ops/Chans/Users: 61/406/27994/59199 | Lservers/Lusers: 1/1360 | Uptime: 13 days, 6:41:47 | Source host: adsl-074-182-015-130.sip.jan.bellsouth.net |_ Source ident: NONE or BLOCKED Which is quite verbose. It too could be fixed up with nmap.verbosity(), but I don't want to mess with it because I don't know what would be interesting enough for IRC users :)
Does anybody else have an opinion on this one, or care to redo it with nmap.verbosity()? IIRC this script and SMTPcommands are the only outstanding scripts, and Jason is already working on the latter. Sorry, but once again I'll post up the whole current list :) Aside from the two aforementioned scripts, are there any problems below? Default: * anonFTP * dns-test-open-recursion * finger * ftpbounce * HTTPAuth * HTTP_open_proxy * MSSQLm * MySQLinfo * nbstat * RealVNC_auth_bypass * robots * rpcinfo * showHTMLtitle * showOwner * SNMPsysdesr * SSHv1-support * SSLv2-support * UPnP-info * zoneTrans Non-Default: * bruteTelnet - Too intrusive and slow * chargenTest - Obscure / "demo" * daytimeTest - Obscure / "demo" * echoTest - Obscure / "demo" * HTTPpasswd - A bit too intrusive and probably not useful enough * HTTPtrace - Not default material * iax2Detect - "version" * ircServerInfo - Should be redone with nmap.verbosity() ? * ircZombieTest - "malware" * kibuvDetection - "malware" * netbios-smb-os-detection - I want this to be default, but it's "version" * PPTPversion - "version" * promiscuous - I don't think it's useful enough * ripeQuery - Abusive to RIPE * showHTTPversion - Obscure / only category is "" * showSMTPVersion - Obscure / "demo" * showSSHVersion - Obscure / "demo" * skype_v2-version - "version" * SMTPcommands - Jason is handling it with nmap.verbosity() * SMTP_openrelay_test - "demo" because of "real hostname" issue * SQLInject - Obvious reasons :) * strangeSMTPport - Obscure / "backdoor" * xamppDefaultPass - "vulnerability" Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSDNKiv9K37xXYl36AQKKyA/+KEAnMq/vFUpsbomIuZBvsuhb+4niEYRH kv08Ro9bxLx4j2vTgeC4Hw9/h1b6Bpo9Mf5Utwar5rdBW9FTUkMr+ER+MuvGJUgf 1FnJVfCEcrDhRPmaisA2Msmemu3oTqPUxYGv8cvujuwDMZ6OZfbBoe5NuibsHffx Pj5Qul8xxVE7QlWU05tm3WEegVbTcHcHO+DUVb++FN2OIgXa9fD6VC+ftOo6inIl hAv0wghptWRR6wl5idsPlRWEkzyJxkhk6EdX2zJ8oyG+aEoUSqzzjWGeYan+j5o2 zPz8QYIEvxAQ5274gPhdX4awwBmgsj+vdHhu/K4FGJC85jhnwMlgfivRl7bLl3FB 5Qp55lWeleWwSK2O4KOvQZEX7SUeNCfI2iAR2j+EsrzA5pFag1Dz7Dxg1kO4vkK1 rsVqL80q7ZEo0AZcO/V/CmZUNbUjgFkNbhm9mILhkykaViZ8glPnP8f/HpWOIHY3 sF+CBXsULbs+yKMFPfhhW3vJOEB/fPmyl0hR4X6F/TlZb3+/YG/ZbhdYRnzcPNlS hnvEX6hDldvhWqk137YQkdYsTwvXmbfBd8SijNjWhvg/rjxKN/2i0pA/wWLBk3aW PdtsEMJp+5oHPL1ioX7Fa1oH2bvj3rkrvlx32Eq2T20SslCvjw4TLT0FeQEoogR6 YHlaxCQ+aes= =2W5/ -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [RFC] Default NSE Scripts, (continued)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts Fyodor (May 16)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Fyodor (May 19)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 20)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 21)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 20)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 27)
- Re: [RFC] Default NSE Scripts jah (May 27)
- Re: [RFC] Default NSE Scripts Fyodor (May 27)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 19)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 15)